package com.apexedu.portal.controller;

import com.apexedu.framework.util.DBUtil;
import com.apexedu.framework.util.SysPropertiesUtil;
import com.apexedu.identity.IdConstants;
import com.apexedu.identity.entity.TSysUser;
import com.apexedu.portal.constant.ActionConstant;
import com.apexedu.portal.util.LittleTimer;
import com.apexedu.util.crypto.LiveBosMD5;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import javax.servlet.http.HttpServletRequest;

/**
 * 修改用户密码
 * Created by ly on 2014/8/13.
 */
@Controller
public class UserController extends BaseController {
    /**
     * 检查用户密码是否匹配
     *
     * @return
     */
    @RequestMapping(value = ActionConstant.User.RequestMapping_checkPwd)
    @ResponseBody
    public String checkPwd(HttpServletRequest request) {
        LittleTimer timer = new LittleTimer();
        try {
            String pwd = java.net.URLDecoder.decode(request.getParameter("pwd"), "UTF-8");
            TSysUser tSysUser = (TSysUser) request.getSession().getAttribute(IdConstants.SESSION_USER);
            String userloginid = tSysUser.getUserloginid();
            debug("<<{}>> checkPwd start : userloginid : {} , pwd : {}", this.getClass().getSimpleName(), userloginid, pwd);
            String oldpwd = LiveBosMD5.getMD5Digest(pwd).toLowerCase();
            String sql_count = "select count(*) from t_sys_user t where t.userloginid = ? and t.userpwd = ?";
            int i = DBUtil.count(sql_count, userloginid, LiveBosMD5.getMD5Digest(pwd).toUpperCase());
            return i > 0 ? "true" : "false";
//            if (false&&"true".equals(SysPropertiesUtil.get("hasLdap"))) {
//                return LdapUtil.verifySHA(LdapUtil.queryPwd(userloginid), pwd) ? "true" : "false";
//            } else {
//                return DBUtil.count(" from t_sys_user t where t.userloginid = ? and t.userpwd = ?",
//                        userloginid, LiveBosMD5.getMD5Digest(pwd).toUpperCase()) > 0 ? "true" : "false";
//            }
        } catch (Exception e) {
            error("<<{}>> checkPwd error : {}", this.getClass().getSimpleName(), e);
            throw new RuntimeException(e);
        } finally {
            debug("<<{}>> checkPwd end : {}", this.getClass().getSimpleName(), timer.end());
        }
    }

    /**
     * 修改用户密码
     *
     * @return
     */
    @RequestMapping(value = ActionConstant.User.RequestMapping_updatePwd)
    @ResponseBody
    public String modifyUserPwd(HttpServletRequest request) {
        LittleTimer timer = new LittleTimer();
        String userType = "";
        try {
            String pwd = java.net.URLDecoder.decode(request.getParameter("pwd"), "UTF-8");
            TSysUser tSysUser = (TSysUser) request.getSession().getAttribute(IdConstants.SESSION_USER);
            if ("1".equals(tSysUser.getUsertype())) {
                userType = "教师";
            } else if ("2".equals(tSysUser.getUsertype())) {
                userType = "学生";
            } else {
                userType = "其他";
            }
            String userloginid = tSysUser.getUserloginid();
            debug("<<{}>> modifyUserPwd start : userloginid : {} , pwd : {}", this.getClass().getSimpleName(), userloginid, pwd);

            DBUtil.executeSQL("update t_sys_user a set userpwd = ? where a.userloginid = ?", LiveBosMD5.getMD5Digest(pwd).toUpperCase(), userloginid);

            if ("true".equals(SysPropertiesUtil.get("hasLdap"))) {// 【工业学校门户修改密码，因为接入了ldap，所以只改ldap密码】
                return PwdController.rePwdInLdapAD(userloginid, userType, pwd);
            }

            return "true";
        } catch (Exception e) {
            error("<<{}>> modifyUserPwd error : {}", this.getClass().getSimpleName(), e);
            throw new RuntimeException(e);
        } finally {
            debug("<<{}>> modifyUserPwd end : {}", this.getClass().getSimpleName(), timer.end());
        }
    }
}
